#!/bin/sh
#
# Copyright (c) 2018 Oracle and/or its affiliates. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# This file is a TEMPLATE for a shell script that will create
# Kubernetes secrets that will be used to deploy this example program
# to Kubernetes.  If you are reading this from the
# src/main/resources/k8s directory, bear in mind that it is first
# copied with Maven filtering applied to the
# ${project.build.directory} directory, which is normally "target".
#
# You should take the target/oci.secrets.template file and make a copy
# of it.  Then, customize the variables below in your copy to contain
# the required information.

# The name of the secret that Kubernetes will create.  It must consist of lower
# case alphanumeric characters, '-' or '.', and must start and end with an
# alphanumeric character.  The regular expression used for validation is:
# [a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*
SECRET_NAME=${kubernetesSecretName}

# The fingerprint for the key pair being used.  See
# https://docs.cloud.oracle.com/iaas/Content/API/Concepts/apisigningkey.htm#How3
# for more information.
OCI_AUTH_FINGERPRINT=

# The passphrase used for the key if it is encrypted.  See
# https://docs.cloud.oracle.com/iaas/Content/API/Concepts/apisigningkey.htm#two
# for more information.
OCI_AUTH_PASSPHRASE=

# The actual private key contents.  This variable is set by default to
# contain the exact contents of the private key file output by the
# instructions found at
# https://docs.cloud.oracle.com/iaas/Content/API/Concepts/apisigningkey.htm#two.
# However you choose to set this variable, it must contain the exact
# private key contents, including newlines.
OCI_AUTH_PRIVATEKEY=$(cat ~/.oci/oci_api_key.pem)

# The OCID of your tenancy.  See
# https://docs.cloud.oracle.com/iaas/Content/API/Concepts/apisigningkey.htm#five
# for more information.
OCI_AUTH_TENANCY=

# The OCID of your user.  See
# https://docs.cloud.oracle.com/iaas/Content/API/Concepts/apisigningkey.htm#five
# for more information.  For more on OCIDs in general, see
# https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm#one.
OCI_AUTH_USER=

# The OCID of the compartment containing the OCI object storage
# service you wish to access.  For more on OCIDs in general, see
# https://docs.cloud.oracle.com/iaas/Content/General/Concepts/identifiers.htm#one.
OCI_OBJECTSTORAGE_COMPARTMENT=

# The region to use.  See
# https://docs.cloud.oracle.com/iaas/Content/General/Concepts/regions.htm
# for more information.
OCI_OBJECTSTORAGE_REGION=

# The command below uses the variables above and should not need to be
# modified.
kubectl create secret generic ${SECRET_NAME} \
--from-literal=OCI_AUTH_FINGERPRINT="${OCI_AUTH_FINGERPRINT}" \
--from-literal=OCI_AUTH_PASSPHRASE="${OCI_AUTH_PASSPHRASE}" \
--from-literal=OCI_AUTH_PRIVATEKEY="${OCI_AUTH_PRIVATEKEY}" \
--from-literal=OCI_AUTH_TENANCY="${OCI_AUTH_TENANCY}" \
--from-literal=OCI_AUTH_USER="${OCI_AUTH_USER}" \
--from-literal=OCI_OBJECTSTORAGE_COMPARTMENT="${OCI_OBJECTSTORAGE_COMPARTMENT}" \
--from-literal=OCI_OBJECTSTORAGE_REGION="${OCI_OBJECTSTORAGE_REGION}"
